It's all about where they look for new/updated keys. There's folks
out there who use a WKD setup, as you mentioned, then there's some
who use a standalone (isolated, non-peering) SKS keyserver, etc.
I do not think reverting the patch that causes issues for them is a
smart move in the long run.
Hello,
I just saw the following bug reported in Arch Linux repos:
https://bugs.archlinux.org/task/63147
with the title "[gnupg] 2.2.17 release is broken by design and breaks
pacman".
It appears Arch's packages use Web of Trust for introducing new
developers by adding 3 signatures out of 5
